This is something I've wanted to do for a long time, and since someone mentioned it in the Suggestions forum, I figured I'd write the hack

Purpose: When a new user regsiters, he is e-mailed a password generated randomly. He will not be able to log in until he receives this e-mail and uses that password. (the same happens if an existing user changes his e-mail address).

After installing this hack, you will have three options essentially:

1) Don't verify the e-mail is valid.
In this case the user selects his own password and nothing is sent to him.

2) Verify the e-mail is valid by sending an activation code
This is how vBulletin works now: a user selects his own password during registration, and the BB Mailer sends him an activation code / link that he needs to use before he's able to post

3) Verify the e-mail is valid by sending a random password
In this case the user DOES NOT select a password but instead he receives a randomly generated password by e-mail. He will not be able to log in / post until he receives and uses this password.